X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fdatabase%2Fmysql.yaml;h=da55da3c83ae97df8db6b7b63e1917a3c565d8d0;hb=88381053c2785cce670bf91ebc00177992dc45bc;hp=7e12894feabbc01d7203f4979d79f5c547d78b4c;hpb=5bea89cc5d10ce6245c680a2b10aeb5ff7b0996b;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml
index 7e12894f..da55da3c 100644
--- a/puppet/services/database/mysql.yaml
+++ b/puppet/services/database/mysql.yaml
@@ -23,6 +23,10 @@ parameters:
     description: Configures MySQL max_connections config setting
     type: number
     default: 4096
+  MysqlIncreaseFileLimit:
+    description: Flag to increase MySQL open-files-limit to 16384
+    type: boolean
+    default: true
   MysqlRootPassword:
     type: string
     hidden: true
@@ -34,13 +38,17 @@ parameters:
     default: true
     description: Whether to use Galera instead of regular MariaDB.
     type: boolean
+  NovaPassword:
+    description: The password for the nova db account
+    type: string
+    hidden: true
+  EnableInternalTLS:
+    type: boolean
+    default: false
 
-resources:
+conditions:
 
-  MySQLTLS:
-    type: OS::TripleO::Services::MySQLTLS
-    properties:
-      ServiceNetMap: {get_param: ServiceNetMap}
+  internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
 
 outputs:
   role_data:
@@ -49,7 +57,6 @@ outputs:
       service_name: mysql
       config_settings:
         map_merge:
-          - get_attr: [MySQLTLS, role_data, config_settings]
           -
             # The Galera package should work in cluster and
             # non-cluster modes based on the config file.
@@ -92,8 +99,32 @@ outputs:
                   $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
             tripleo::profile::base::database::mysql::client_bind_address:
               {get_param: [ServiceNetMap, MysqlNetwork]}
+            tripleo::profile::base::database::mysql::generate_dropin_file_limit:
+              {get_param: MysqlIncreaseFileLimit}
+          - generate_service_certificates: true
+            tripleo::profile::base::database::mysql::certificate_specs:
+              service_certificate: '/etc/pki/tls/certs/mysql.crt'
+              service_key: '/etc/pki/tls/private/mysql.key'
+              hostname:
+                str_replace:
+                  template: "%{hiera('cloud_name_NETWORK')}"
+                  params:
+                    NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
+              principal:
+                str_replace:
+                  template: "mysql/%{hiera('cloud_name_NETWORK')}"
+                  params:
+                    NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
       step_config: |
         include ::tripleo::profile::base::database::mysql
+      metadata_settings:
+        if:
+          - internal_tls_enabled
+          -
+            - service: mysql
+              network: {get_param: [ServiceNetMap, MysqlNetwork]}
+              type: vip
+          - null
       upgrade_tasks:
         - name: Check for galera root password
           tags: step0
@@ -104,4 +135,15 @@ outputs:
         - name: Start service
           tags: step4
           service: name=mariadb state=started
-
+        - name: Setup cell_v2 (create cell0 database)
+          tags: step4
+          mysql_db:
+            name: nova_cell0
+            state: present
+        - name: Setup cell_v2 (grant access to the nova DB user)
+          tags: step4
+          mysql_user:
+            str_replace:
+              template: "name=nova password=PASSWORD host=\"%\" priv=\"nova.*:ALL/nova_cell0.*:ALL,GRANT\" state=present"
+              params:
+                PASSWORD: {get_param: NovaPassword}